VYPR

Multi-function Printers

by Brother

CVEs (2)

  • CVE-2024-51981MedJun 25, 2025
    risk 0.35cvss 5.3epss 0.01

    An unauthenticated attacker may perform a blind server side request forgery (SSRF), due to a CLRF injection issue that can be leveraged to perform HTTP request smuggling. This SSRF leverages the WS-Addressing feature used during a WS-Eventing subscription SOAP operation. The…

  • CVE-2025-8452MedAug 12, 2025
    risk 0.28cvss 4.3epss 0.00

    By using the "uscan" protocol provided by the eSCL specification, an attacker can discover the serial number of multi-function printers that implement the Brother-provided firmware. This serial number can, in turn, can be leveraged by the flaw described by CVE-2024-51978 to…